How to Scan Your Environment for Vulnerable Versions of Curl

October 12, 2023 at 09:59AM The recently fixed vulnerabilities in the command-line tool curl and the libcurl library require security teams to identify and remediate impacted systems. The vulnerabilities can only be exploited under specific conditions. Organizations should scan their environment using software analysis tools to assess which systems are using curl and libcurl. Additionally, … Read more

October 10, 2023 at 10:33AM – Fresh curl tomorrow will patch ‘worst’ security flaw in ages

October 10, 2023 at 10:33AM Curl version 8.4.0 is set to be released tomorrow, addressing two security flaws. One of the flaws is considered the worst security flaw in curl in a long time. The update will address CVE-2023-38545, affecting both libcurl and the curl tool, and CVE-2023-38546, affecting libcurl only. The update does not … Read more